Stream Cipher, Block cipher,

Modes of Operation
Dr. N.Gopika rani
CSE Department
 S.NO Block Cipher Stream Cipher

Block Cipher Converts the plain text into cipher text by Stream Cipher Converts the plain text into cipher text by
1.
taking plain text’s block at a time. taking 1 byte of plain text at a time.

2. Block cipher uses either 64 bits or more than 64 bits. While stream cipher uses 8 bits.

3. The complexity of block cipher is simple. While stream cipher is more complex.

4. Block cipher Uses confusion as well as diffusion. While stream cipher uses only confusion.

5. In block cipher, reverse encrypted text is hard. While in-stream cipher, reverse encrypted text is easy.

The algorithm modes which are used in block cipher are

The algorithm modes which are used in stream cipher are
6. ECB (Electronic Code Book) and CBC (Cipher Block
CFB (Cipher Feedback) and OFB (Output Feedback).
Chaining).

Block cipher works on transposition techniques like

While stream cipher works on substitution techniques like
7. rail-fence technique, columnar transposition technique,
 Caesar cipher, polygram substitution cipher, etc.
etc.

8. Block cipher is slow as compared to a stream cipher. While stream cipher is fast in comparison to block cipher.
Difference Between Confusion and Diffusion

Confusion Diffusion

Confusion obscures the relationship between
the plaintext and ciphertext.
A one-time pad relies entirely on confusion
while a simple substitution cipher is another
(weak) example of a confusion-only
cryptosystem.
Diffusion spreads the plaintext statistics through
the ciphertext.
A double transposition is the classic example of a
diffusion-only cryptosystem.

Confusion hides the relation between the Diffusion hides the relation between the
ciphertext and key. ciphertext and the plaintext.

If a single symbol in the plaintext is changed,

If a single bit in the key is changed, most or
several or all symbol in the ciphertext will also
all bits in the ciphertext will also be changed.
be changed

In confusion, the relationship between the

In diffusion, the statistical structure of the plain
statistics of the ciphertext and the value of the
text is dissipated into long-range statistics of the
encryption key is made complex. It is
ciphertext This is achieved by permutation.
achieved by substitution.
Topics
 Overview of Modes of Operation

 EBC, CBC, CFB, OFB, CTR

 Notes and Remarks on each modes

Modes of Operation Taxonomy
 Current well-known modes of operation
Mode Technical Notes
 Initialize Vector (IV)
 a block of bits to randomize the encryption and hence to produce distinct
ciphertext
 Nonce : Number (used) Once
 Random of psuedorandom number to ensure that past communications
can not be reused in replay attacks
 Some also refer to initialize vector as nonce
 Padding
 final block may require a padding to fit a block size
 Method
 Add null Bytes
 Add 0x80 and many 0x00
 Add the n bytes with value n
Electronic Codebook Book (ECB)
 Message is broken into independent blocks which are
encrypted

 Each block is a value which is substituted, like a

codebook, hence name

 Each block is encoded independently of the other blocks

Ci = EK (Pi)
 Uses: secure transmission of single values
Topics
 Overview of Modes of Operation

 EBC, CBC, CFB, OFB, CTR

 Notes and Remarks on each modes

ECB Scheme
Remarks on ECB
 Strength: it’s simple.

 Weakness:
 Repetitive information contained in the plaintext may show in
the ciphertext, if aligned with blocks.
 If the same message is encrypted (with the same key) and sent
twice, their ciphertext are the same.

 Typical application:
 secure transmission of short pieces of information (e.g. a
temporary encryption key)

10
Cipher Block Chaining (CBC)
 Solve security deficiencies in ECB
 Repeated same plaintext block result different ciphertext
block

 Each previous cipher blocks is chained to be input with

current plaintext block, hence name

 Use Initial Vector (IV) to start process

Ci = EK (Pi XOR Ci-1)
C0 = IV

 Uses: bulk data encryption, authentication

CBC scheme
Remarks on CBC
 The encryption of a block depends on the current and
all blocks before it.
 So, repeated plaintext blocks are encrypted differently.
 Initialization Vector (IV)
 May sent encrypted in ECB mode before the rest of
ciphertext

13
Cipher FeedBack (CFB)
 Use Initial Vector to start process

 Encrypt previous ciphertext , then combined with the plaintext block
using X-OR to produce the current ciphertext

 Cipher is fed back (hence name) to concatenate with the rest of IV

 Plaintext is treated as a stream of bits

 Any number of bit (1, 8 or 64 or whatever) to be feed back (denoted CFB-1,
CFB-8, CFB-64)

 Relation between plaintext and ciphertext

Ci = Pi XOR SelectLeft(EK (ShiftLeft(Ci-1)))
C0 = IV

 Uses: stream data encryption, authentication

CFB Scheme

15
CFB Encryption/Decryption
CFB as a Stream Cipher

 In CFB mode, encipherment and decipherment use the

encryption function of the underlying block cipher.
Output FeedBack (OFB)
 Very similar to CFB

 But output of the encryption function output of cipher is fed back

(hence name), instead of ciphertext

 Feedback is independent of message

 Relation between plaintext and ciphertext

Ci = Pi XOR Oi
Oi = EK (Oi-1)
O0 = IV
 Uses: stream encryption over noisy channels
CFB V.S. OFB

Cipher Feedback

Output Feedback
OFB Scheme
OFB Encryption and Decryption
OFB as a Stream Cipher
 In OFB mode, encipherment and decipherment use the encryption function
of the underlying block cipher.
Remarks on OFB
 Each bit in the ciphertext is independent of the previous bit or
bits. This avoids error propagation

 Pre-compute of forward cipher is possible

 Security issue
 when jth plaintext is known, the jth output of the forward cipher
function will be known
 Easily cover jth plaintext block of other message with the same IV

 Require that the IV is a nonce

Counter (CTR)
 Encrypts counter value with the key rather than any feedback
value (no feedback)

 Counter for each plaintext will be different

 can be any function which produces a sequence which is guaranteed not
to repeat for a long time

 Relation
Ci = Pi XOR Oi
Oi = EK (i)

 Uses: high-speed network encryptions

CTR Scheme
CTR Encryption and Decryption
Remark on CTR

 Strengths:
 Needs only the encryption algorithm
 Random access to encrypted data blocks
 blocks can be processed (encrypted or decrypted) in parallel
 Simple; fast encryption/decryption

 Counter must be
 Must be unknown and unpredictable
 pseudo-randomness in the key stream is a goal

27
Remark on each mode
 Basically two types:
 block cipher
 stream cipher

 CBC is an excellent block cipher

 CFB, OFB, and CTR are stream ciphers

 CTR is faster because simpler and it allows parallel

processing

28
CBC and CTR comparison

CBC CTR
Padding needed No padding

No parallel processing Parallel processing

Separate encryption and decryption Encryption function alone is enough

functions
Random IV or a nonce Unique nonce

Nonce reuse leaks some information Nonce reuse will leak information
about initial plaintext block about the entire message

29
Comparison of Different Modes
Comparison of Modes
Mode Description Application

ECB 64-bit plaintext block encoded Secure transmission of

separately encryption key
CBC 64-bit plaintext blocks are XORed Commonly used
with preceding 64-bit ciphertext method. Used for
authentication
CFB s bits are processed at a time and Primary stream cipher.
used similar to CBC Used for authentication

31
Comparison of Modes
Mode Description Application

OFB Similar to CFB except that Stream cipher well suited

the output is fed back
CTR Key calculated using the
nonce and the counter value.
Counter is incremented for
each block
for transmission over
noisy channels
General purpose block
oriented transmission.
Used for high-speed
communications

32